<%@ page import="java.sql.ResultSet" %>
<%@ page import="util.JDBC" %>
<%@ page import="util.JSON" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
    //设置服务器端以UTF-8编码进行输出
    response.setCharacterEncoding("utf-8");
    //设置浏览器以UTF-8编码进行接收,解决中文乱码问题
    response.setContentType("application/json; charset=utf-8");

    String oldPassword=request.getParameter("oldPassword");
    String newPassword=request.getParameter("newPassword");
    String userId="";
    try{
        userId=session.getAttribute("userId").toString();
    }catch (Exception ex){
        response.sendRedirect("login.jsp");
    }
    String sql="select count(*) as count from user where id='"+userId+"' and password='"+oldPassword+"'";
    System.out.println(sql);
    ResultSet rs= JDBC.executeQuery(sql);
    int count=0;
    while (rs.next()){
        count=rs.getInt("count");
    }
    if(count==0){
        System.out.println("密码输入错误！");
        JSON json=new JSON("status","error");
        json.put("message","密码输入错误！");
        out.print(json.getJson());
    }else {
        sql="update user set password='"+newPassword+"' where id='"+userId+"'";
        JDBC.executeUpdate(sql);
        JSON json=new JSON("status","success");
        json.put("message","修改成功！");
        out.print(json.getJson());
    }
%>